66c2681f7c
These .htaccess files are intended to prohibit all web access. But if the user sets "Satisfy Any" on a parent directory, in conjunction with any permissive require directive like "Require all granted", access will be allowed despite "Require all denied" in .htaccess. So, override Satisfy so that the "Require all denied" will reliably take effect. Note that "Satisfy All" is the default. This only affects non-default installations. Change-Id: Ia5862fb69e439b7ea2ed7af011e1ebf8f1b1f6d6 (cherry picked from commit a50d2e69f8ce9e5720b05615d04c35cc9008b6ae)
47 lines
1.3 KiB
PHP
47 lines
1.3 KiB
PHP
<?php
|
|
/**
|
|
* Copyright (C) 2017 Kunal Mehta <legoktm@debian.org>
|
|
*
|
|
* This program is free software; you can redistribute it and/or modify
|
|
* it under the terms of the GNU General Public License as published by
|
|
* the Free Software Foundation; either version 2 of the License, or
|
|
* (at your option) any later version.
|
|
*
|
|
* This program is distributed in the hope that it will be useful,
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
* GNU General Public License for more details.
|
|
*
|
|
* You should have received a copy of the GNU General Public License along
|
|
* with this program; if not, write to the Free Software Foundation, Inc.,
|
|
* 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
|
|
*
|
|
*/
|
|
|
|
namespace MediaWiki\Composer;
|
|
|
|
/**
|
|
* Creates a .htaccess in the vendor/ directory
|
|
* to prevent web access.
|
|
*
|
|
* This class runs *outside* of the normal MediaWiki
|
|
* environment and cannot depend upon any MediaWiki
|
|
* code.
|
|
*/
|
|
class ComposerVendorHtaccessCreator {
|
|
|
|
/**
|
|
* Handle post-install-cmd and post-update-cmd hooks
|
|
*/
|
|
public static function onEvent() {
|
|
$fname = dirname( dirname( __DIR__ ) ) . "/vendor/.htaccess";
|
|
if ( file_exists( $fname ) ) {
|
|
// Already exists
|
|
return;
|
|
}
|
|
|
|
file_put_contents( $fname,
|
|
"Require all denied\n" .
|
|
"Satisfy All\n" );
|
|
}
|
|
}
|